6. Data sources Information of the customer data register is obtained through a customer relationship.

7. Disclosure of the customer data information The Information of the customer data register will not be disclosed to third parties. Data is not transmitted outside the EU or EEA.

8. Principles of record protection Enmac Oy is serious about securing the confidentiality of personal data. We use administrative, physical and electronic measures to protect the data against unauthorized access. The customer information registers are stored in a database that is only allowed to use certain predefined persons by entering a username and password. The database is also protected by firewalls and other technical means. Databases and their backups are located in locked spaces accessible only by predetermined persons. Enmac never gives, sells, or exchanges customer information for marketing purposes outside Enmac. While we strive to ensure the integrity and security of personal data, we cannot guarantee that the security measures used prevent third parties and so-called hackers from accessing personal data illegally. We will notify the registered persons of any breach of secrecy or integrity, as required by law, at an expedient time and without undue delay.

We will discard obsolete and unnecessary data in an appropriate manner. We will retain personal information only as long as it is necessary for the purpose of processing personal data as defined in this Privacy policy. 9. Registered person´s right to object to direct marketingThe customer has the right to deny the controller access to information about himself or herself for direct marketing or market research and opinion polling purposes. The ban must be made in writing.

10. Registered person´s the right to review and rectify the informationIn accordance with applicable data protection laws, the data subject has the right to be informed about the processing of his / her personal data and the right to request his / her personal data to be reviewed from our register. The customer has the right to request rectification of incorrect or inaccurate information.

12. Registered person´s right to request the removal of the registered data The customer has the right to request the removal of his or her data from the customer data register, except for the following situations; *the customer has an ongoing matter with Enmac *the customer has an open project *the customer has an unsettled debt with Enmac, regardless of the payment method *if the customer is suspected or has misused Enmac´s services within the last four years

13. Operating instructions Regarding personal data check, correction and / or removal requests, please contact Enmac Ltd's contact person in customer data register matters. - If necessary, fit a meeting time for processing the request. In the meeting the issues related to the request will be addressed. - Enmac Oy has the right to refuse to execute the request on the basis of the applicable law.

14. Updates to Enmac`s Privacy policy Enmac updates Privacy policy when needed. The latest version is always available on our website.

3. The name of a register Enmac’s marketing data register. Our marketing data register includes personal data of our customers, potential customers, partners and their representatives.

4. Use of the marketing data register Enmac uses the marketing data for communication and relationship management purposes as well as marketing purposes. The processing of personal data is based on our legitimate interest in maintaining business relationships, marketing and communicating about our products and services. We will also send direct marketing letters to the registrars that the registrar may choose to deny. We process personal data in accordance with applicable law and the General Data Privacy Act (GDPR).

5. Information content of the marketing data register We collect the person's name, email, and other information they have provided. By means of cookies, we can get measurable information about visitors from our website, which we use for example, when planning our marketing. Our goal is to target our communication as well as possible. The following information can be stored for a registered person: - Name - The company represented by a person - E-mail

6. Data sources The marketing register data is mainly collected from the person himself. We also get information from our website (contact form and inquiry request form). Other sources of information include various customer and cooperation contacts and personal sales work. We also follow the cookies and the visit on our website leaves a copy of the IP address. Personal data can sometimes be purchased for one-off marketing from external registers as well.

7. Disclosure of the marketing data information The Information of the marketing data register will not be disclosed to third parties. Data is not transmitted outside the EU or EEA.

8. Principles of record protection Enmac Oy is serious about securing the confidentiality of personal data. We use administrative, physical and electronic measures to protect the data against unauthorized access. The customer information registers are stored in a database that is only allowed to use certain predefined persons by entering a username and password. The database is also protected by firewalls and other technical means. Databases and their backups are located in locked spaces accessible only by predetermined persons. Enmac never gives, sells, or exchanges customer information for marketing purposes outside Enmac. While we strive to ensure the integrity and security of personal data, we cannot guarantee that the security measures used prevent third parties and so-called hackers from accessing personal data illegally. We will notify the registered persons of any breach of secrecy or integrity, as required by law, at an expedient time and without undue delay.

We will discard obsolete and unnecessary data in an appropriate manner. We will retain personal information only as long as it is necessary for the purpose of processing personal data as defined in this Privacy policy. 9. Registered person´s right to object to direct marketingThe registered person has the right to deny the controller access to information about himself or herself for direct marketing or market research and opinion polling purposes. The ban must be made in writing.

10. Registered person´s the right to review and rectify the informationIn accordance with applicable data protection laws, the data subject has the right to be informed about the processing of his / her personal data and the right to request his / her personal data to be reviewed from our register. The registrar has the right to request rectification of incorrect or inaccurate information.

12. Registered person´s right to request the removal of the registered data The registered person has the right to request the removal of his or her data from the marketing data register.